# Quickstart: VPS Migration

## Prerequisites

- Access to this repo and the new VPS host configuration
- Existing iptables ruleset file available at repo root: `iptables`
- VPN keys present in the secrets system
- SSH public keys present in `secrets/ssh/`

## Steps

1. Review the spec and clarifications:
   - `/home/jawz/Development/NixOS/specs/004-vps-migration/spec.md`
2. Ensure secrets are available:
   - VPN private/public keys are stored in the secrets system
   - `secrets/ssh/ed25519_deploy.pub` and `secrets/ssh/ed25519_lidarr-reports.pub` exist
3. Update host configuration:
   - Set new VPS as primary reverse proxy host
   - Enable proxying for all enabled services (services remain on host server)
   - Apply iptables ruleset as-is
   - Enable wireguard on VPS and expose port
   - Add service users and admin SSH keys
   - Update VPS public IP to `45.33.0.228` in SSH configuration
   - Update host server VPN client to target the new VPS
4. Provide and review legacy proxy config:
   - Supply caddy files for subdomain comparison

## Caddy vs Nix Subdomain Comparison (from provided caddy/ directory)

**Caddy-only domains (present in caddy, not found in current Nix server hosts):**

- danilo-reyes.com
- www.danilo-reyes.com
- blog.danilo-reyes.com
- www.blog.danilo-reyes.com
- mb-report.lebubu.org
- torrent.lebubu.org

**Nix-only domains (present in Nix server hosts, not in caddy config):**

- auth-proxy.lebubu.org
- comments.danilo-reyes.com
- flix.rotehaare.art
- 55a608953f6d64c199.lebubu.org
- pYLemuAfsrzNBaH77xSu.lebubu.org
- bookmarks.lebubu.org
- drpp.lebubu.org
- portfolio.lebubu.org
- qampqwn4wprhqny8h8zj.lebubu.org
- requests.lebubu.org
- start.lebubu.org
- sync.lebubu.org
- tranga.lebubu.org

**Notes:**

- `auth-proxy.lebubu.org` appears only in `15-private.caddyfile__` (not imported by Caddy), so it is currently inactive in caddy.
- `danilo-reyes.com` and `blog.danilo-reyes.com` are handled as static sites in caddy; Nix has `my.websites.portfolio` and `isso` which may need mapping to these domains.
- `mb-report.lebubu.org` and `torrent.lebubu.org` are present in caddy but no matching Nix server host was found.

5. Migrate analytics data:
   - Export data from existing server
   - Import into new server
   - Validate historical data is present
6. Run verification steps for each task (per spec FR-012).
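
The Caddy vs Nix subdomain comparison above can be reproduced mechanically, so that a host dropped or newly exposed by the migration is caught before cutover. The script below is an added example, not part of this repo: it assumes Caddy imports files matching `*.caddyfile` (which is why `15-private.caddyfile__` counts as inactive), and the function names, sample file contents and `both.example.org` are constructed for illustration.

```python
import fnmatch
import re

def normalize(addr):
    """Reduce a Caddy site address or Nix host name to a lowercase hostname."""
    addr = re.sub(r"^https?://", "", addr.strip().lower())
    return addr.split("/")[0].split(":")[0]

def site_hosts(text):
    """Return hostnames from the top-level site blocks of one Caddyfile."""
    hosts, depth = set(), 0
    for raw in text.splitlines():
        line = raw.split("#")[0].strip()
        if depth == 0 and line.endswith("{"):
            header = line[:-1].strip()
            # Empty header = global options block; "(name)" = snippet.
            if header and not header.startswith("("):
                hosts.update(normalize(a) for a in re.split(r"[,\s]+", header) if a)
        depth += line.count("{") - line.count("}")
    return hosts

def compare(caddy_files, nix_hosts, import_glob="*.caddyfile"):
    """Bucket hosts; import_glob is an assumed pattern for imported files."""
    active, inactive = set(), set()
    for name, text in caddy_files.items():
        target = active if fnmatch.fnmatch(name, import_glob) else inactive
        target.update(site_hosts(text))
    nix = {normalize(h) for h in nix_hosts}
    return {"caddy_only": sorted(active - nix), "nix_only": sorted(nix - active),
            "inactive_in_caddy": sorted(inactive - active)}

# Constructed sample input: not the real config; both.example.org is made up.
SAMPLE_CADDY = {
    "10-sites.caddyfile": """
{
    email admin@example.org
}
danilo-reyes.com, www.danilo-reyes.com {
    file_server
}
https://torrent.lebubu.org:443, both.example.org {
    reverse_proxy 127.0.0.1:9091
}
""",
    "15-private.caddyfile__": "auth-proxy.lebubu.org {\n    reverse_proxy 127.0.0.1:9000\n}\n",
}
SAMPLE_NIX = ["auth-proxy.lebubu.org", "Both.example.org", "pYLemuAfsrzNBaH77xSu.lebubu.org"]

if __name__ == "__main__":
    print(compare(SAMPLE_CADDY, SAMPLE_NIX))
```

Hostnames are compared case-insensitively, so a mixed-case Nix entry such as `pYLemuAfsrzNBaH77xSu.lebubu.org` still matches a lowercase Caddy address.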